fix: web file and docker images

.github/workflows/docker-build.yml

@@ -8,24 +8,23 @@ on:
       - main
       - release-*
     tags:
-      - 'v*.*.*'       # 例如 v1.0.0, v2.1.3
-      - 'v*.*.*-*'     # 例如 v1.0.0-beta.1
+      - 'v*.*.*'
+      - 'v*.*.*-*'
   workflow_dispatch:
 
 jobs:
   build-voiceflow:
     runs-on: ubuntu-latest
     steps:
-      # 1. 检出代码
       - name: Checkout code
         uses: actions/checkout@v4
         with:
-          fetch-depth: 0  # 确保获取所有标签
+          fetch-depth: 0
 
-      # 2. 设置 Docker Buildx
       - name: Set up Docker Buildx
         uses: docker/[email protected]
 
+      # 改进的缓存配置
       - name: Cache Docker layers
         uses: actions/cache@v4
         with:
@@ -34,30 +33,35 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-buildx-
 
-      # 3. 登录 Docker Hub
+      # 添加 Trivy 缓存
+      - name: Cache Trivy vulnerability database
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/trivy
+          key: trivy-${{ github.sha }}
+          restore-keys: |
+            trivy-
+
       - name: Log in to Docker Hub
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
-      # 4. 登录阿里云容器注册表
       - name: Log in to AliYun Docker Hub
         uses: docker/login-action@v3
         with:
           registry: registry.cn-hangzhou.aliyuncs.com
           username: ${{ secrets.ALIREGISTRY_USERNAME }}
           password: ${{ secrets.ALIREGISTRY_TOKEN }}
 
-      # 5. 登录 GitHub Container Registry
       - name: Log in to GitHub Container Registry
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      # 6. 获取 Docker Metadata
       - name: Get Docker metadata
         id: metadata
         uses: docker/[email protected]
@@ -77,7 +81,7 @@ jobs:
             type=semver,pattern={{major}}
             type=sha
 
-      # 7. 构建并推送 Docker 镜像
+      # 改进的构建步骤
       - name: Build and push Docker image for voiceflow
         uses: docker/build-push-action@v5
         with:
@@ -88,19 +92,30 @@ jobs:
           tags: ${{ steps.metadata.outputs.tags }}
           labels: ${{ steps.metadata.outputs.labels }}
           cache-from: type=local,src=/tmp/.buildx-cache
-          cache-to: type=local,dest=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
           build-args: |
             VERSION=${{ steps.metadata.outputs.version }}
           provenance: true
 
-      # 8. 可选：安全扫描（例如 Trivy）
+      # 修改缓存路径
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
+      # 改进的 Trivy 扫描配置
       - name: Scan Docker image for vulnerabilities
         uses: aquasecurity/[email protected]
         with:
-          image-ref: telepace/voiceflow:${{ steps.metadata.outputs.version }}
+          image-ref: docker.io/telepace/voiceflow:${{ steps.metadata.outputs.version }}
           format: 'table'
-          exit-code: '0'
+          exit-code: '1'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
+          timeout: '5m'
+          cache-dir: ~/.cache/trivy
 
-      # 9. 清理未使用的 Docker 镜像
       - name: Clean up Docker
+        if: always()
         run: docker system prune -f

audio_files/README.md

@@ -0,0 +1 @@
+# readme

cmd/voiceflow/root.go

@@ -3,9 +3,11 @@ package main
 
 import (
 	"context"
+	"embed"
 	"fmt"
 	"github.com/joho/godotenv"
 	"github.com/telepace/voiceflow/pkg/config"
+	"io/fs"
 	"net/http"
 	"os"
 	"strings"
@@ -20,6 +22,41 @@ import (
 
 var cfgFile string
 
+//go:embed web/*
+var webFS embed.FS
+
+// setupFileServers sets up the file servers for both embedded and local files
+func setupFileServers(mux *http.ServeMux) error {
+	// Setup web content from embedded files
+	webContent, err := fs.Sub(webFS, "web")
+	if err != nil {
+		return err
+	}
+	mux.Handle("/", http.FileServer(http.FS(webContent)))
+
+	// Setup audio files from local directory
+	// This allows for dynamic audio file serving without embedding
+	mux.Handle("/audio_files/", http.StripPrefix("/audio_files/",
+		http.FileServer(http.Dir("audio_files"))))
+
+	return nil
+}
+
+// ensureDirectories creates necessary directories if they don't exist
+func ensureDirectories() error {
+	dirs := []string{
+		"audio_files",
+	}
+
+	for _, dir := range dirs {
+		if err := os.MkdirAll(dir, 0755); err != nil {
+			return fmt.Errorf("failed to create directory %s: %w", dir, err)
+		}
+	}
+
+	return nil
+}
+
 var rootCmd = &cobra.Command{
 	Use:   "voiceflow",
 	Short: "VoiceFlow is a voice processing server",
@@ -64,8 +101,9 @@ func run(cmd *cobra.Command, args []string) error {
 
 	// Set up HTTP server
 	mux := http.NewServeMux()
-	mux.Handle("/", http.FileServer(http.Dir("./web")))
-	mux.Handle("/audio_files/", http.StripPrefix("/audio_files/", http.FileServer(http.Dir("./audio_files"))))
+	if err := setupFileServers(mux); err != nil {
+		return fmt.Errorf("failed to setup file servers: %w", err)
+	}
 
 	// Initialize WebSocket server
 	wsServer := serverpkg.NewServer()
@@ -147,7 +185,7 @@ func init() {
 func initConfig() {
 	// 加载 .env 文件
 	if err := godotenv.Load(); err != nil {
-		logger.Fatal("No .env file found or failed to load, proceeding without it")
+		logger.Warn("No .env file found or failed to load, proceeding without it")
 	} else {
 		logger.Info(".env file loaded")
 	}